icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SQL Server Cleartext 'sql' Account 'sql' Password Authentication

High

Synopsis

The remote host is configured with default or easily-guessed credentials.

Description

The remote SQL server allows logins with the 'sql' password set to 'sql'.

Solution

Require the SQL server to utilize an encrypted login and ensure that passwords are not trivially guessed.